CISSP Official Practice Tests by Mike Chapple, David Seidl

cut and paste – differential backups 465 failures, 400 firewall architecture and, 95 primary keys, 207 RDBMS, 193 recovery mecha ...

466 Diffie-Hellman – egress filtering documentation, 12 chain of custody, 75 lessons learned, 392 postmortem review, 173 DoS (de ...

electromagnetic emanations – expert opinion evidence 467 HIPAA and, 35 keys, 53, 56, 58, 72, 85, 207, 424 link encryption, 248 m ...

468 expert systems – FRR (false rejection rate) application-level gateway, 422 databases and, 95 design, 83, 96 DMZ and, 95, 98 ...

FTC (Federal Trade Commission) – IaaS (infrastructure as a service) 469 hard drives forensic analysis, 262 sectors, bad, 29 zero ...

470 ICMP (Internet Control Message Protocol) – IP addresses insider attacks, 387 insurance, 274, 279, 441 integration testing, 4 ...

IP protocols – labeling 471 Kerberos, 124, 202, 300, 358, 359, 365, 368 AES, 360 authentication process, 105, 110 logon process, ...

472 land attacks – mantraps logins, 205 logs, 156 login failures, 105 overwriting, 440 LOIC (Low Orbit Ion Cannon), 271, 437 los ...

manual code review – networks 473 modes of operation, privileged, 62 modification attacks, 412 modulo function, 409 motion detec ...

474 next generation firewalls – packets OFDM (Orthogonal Frequency-Division Multiplexing), 81, 348 off-by-one error, 398 OLA (op ...

pair programming – performance monitoring 475 path disclosures, 372 payloads, 414 payment card information, 17 PBX systems, 353 ...

476 permissions – practice test 4 answers turnstiles, 430 wiring closets, 59 physical infrastructure, hardening, 6 Physical laye ...

preaction system – RAD (Rapid Application Development) 477 A R P, 290 converged, 86 cryptography, 66 DNS, 290 encryption, 299 me ...

478 RADIUS (Remote Access Dial In User Service) – risk relational databases, 205, 401 permanence, 292 release control, 454 remed ...

risk acceptance strategy – security clearance 479 SAINT, 221 salt, 284, 340, 439, 444, 454 SAML (Security Assertion Markup Langu ...

480 security fixes – spiral development model SMTP (Simple Mail Transfer Protocol), 348, 442 OSI model and, 90 ports, 354 server ...

SPIT (Spam over Internet Telephony) attacks – Take-Grant permissions model 481 subject/object model, 53, 424, 448 subnet masks, ...

482 tampering – threat modeling functions disallowed, 134 fuzzing, 146 gray box, 182, 188, 208, 400, 408, 441, 446 integration t ...

threats – USC (United States Code) 483 training, 25 security awareness training, 5 transaction logging, 438 transferring risk, 3 ...

484 use case testing – vulnerability scans polymorphic viruses, 396 propagation, 198 stealth, 397 vital records programs, 22 VLA ...